Public Private Partnerships - Federal Government

Part
01
of three
Part
01

Public Private Partnerships - Case Studies Part 1

The government of the United States, through the Department of Defense (DoD), developed the internet through ARPANET. In 1990 the US government decommissioned ARPANET and removed security restrictions allowing private and commercial entities to utilize the internet infrastructure. To maintain and keep developing the global internet infrastructure (while keeping it safe and secure), the United States government maintains a "public-private partnership," with several entities, including ICANN and IETF. Another private sector partnership spearheaded by the Securities and Exchange Commission (SEC) seeks to develop cybersecurity for private-sector infrastructures.

PARTNERSHIP TO DEVELOP ARPANET (INTERNET)

  • The United States Department of Defense (DoD) awarded contracts in the early 1960s to build packet network systems. This initiative led to the development of the ARPANET (which became the "first network" infrastructure to use IP addresses).
  • The Department of Defense is an executive department of the government of the United States.
  • The global internet started as a project funded by the US government. During the late 1960s, the Advanced Research Projects Agency Network (ARPANET) was set up to facilitate the sharing of digital resources between computers.
  • After developing an infrastructure for communication-based on several protocols such as TCP and IP, the "ARPANET was decommissioned in 1990." Restrictions (security limitations) regarding the use of the internet were removed, leading to the growth of private connections and commercial traffic that rode on backbones of retail/commercial internet service providers (ISPs).
  • By the 1990s, the network started by the DoD had grown to become a "worldwide networking infrastructure."
  • In 1994, the United States National Science Foundation, which also significantly controlled and managed the infrastructure of the internet as of then, subcontracted DNS (domain name system) management to a private organization.

PARTNERSHIP TO MAINTAIN THE INTERNET/ASSIGN PROTOCOLS

  • After collaborating with the private sector to develop the internet infrastructure, the United States government partnered with the private sector to secure it.
  • Way back since 1997, the United States' Department of Commerce maintained a "public-private partnership" with the Internet Corporation for Assigned Names and Numbers (ICANN). It also collaborated with IETF. These partnerships were meant to keep the internet safe, secure, stable, and interoperable.
  • In 2016, the United States government/Department of Commerce stopped overseeing the internet's naming system. This task was given up to a non-profit organization. Before the handover, the government, through the Internet Corporation for Assigned Names and Numbers (ICANN), controlled the IP addresses and domain names assigned to various communication nodes.
  • Participants from across the world now design policies related to the internet's unique identifiers and its naming system. A "public-private partnership," with ICANN helps to perform some contracted functions under the United States' Department of Commerce. These functions keep the internet "stable, secure, and interoperable."
  • The US government and research agencies once exclusively controlled domain name service. Today, several operators in the private sector have adopted the technology and own root domain name servers.
  • Apart from ICANN, NASA, US DoD, and the US Army Research Lab, which still operate root naming servers. Several private organizations such as VeriSign Global Registry Services, the University of Southern California, among other private sector organizations now control some 13 root servers. These servers form the foundation of the internet.

PKI/CYBERSECURITY FOR PRIVATE SECTOR INFRASTRUCTURE

  • To keep the global internet secure, the Department of Defense (DoD) has developed a Public Key Infrastructure. This infrastructure gets utilized frequently for the United States classified communications, Federal Inter-Agency communications, and Interoperable Inter-Agency communications (at the federal, state, and local levels). The private sector has also adopted it for commercial use.
  • In compliance with the Homeland Security Presidential Directive 12, DoD developed a Public Key Infrastructure (PKI) with e-business capabilities. This framework can be used to manage electronic/digital identities and associated credentials. It can also be used to manage critical materials for users, servers, applications, and network components.
  • The DoD declared that PKI had acquired "initial operational" capabilities as of November 2011. Three development spirals of PKI were implemented between 2009 and 2014.
  • Today, PKI is widely used, as the safeguarding of private networks/keys is critically essential. PKIs often get used in the authentication and authorization process for web applications; PKIs help in server identification, as well as electronic document and form signing. Other uses of PKI include its applications in VPNs, S/MIME email signing as well as encryption, etc.
  • Distributed PKI helps in managing several "critical vulnerabilities" in cybersecurity. This technology makes cyber access more transparent and more difficult to compromise.
  • Apart from the enterprise Public Key Infrastructure (PKI) (Public CA) servers available, several organizations now implement their PKI infrastructure. This technology has given rise to Private/Public Key Infrastructures (Private PKI) adopted by the private sector for blockchain distributed infrastructures,
  • The United States government, through the Securities and Exchange Commission (SEC), is also implementing a Public-Private Partnership (PPP) on cybersecurity. This partnership aims at keeping private-sector infrastructures secure.
  • According to the Center for Strategic and International Studies Commission on Cybersecurity, unique types of threats confront power grids, financial institutions due to leaking confidential information. The integrity of public as well as private sector network infrastructure is crucial to national security.
  • The private sector has adopted cybersecurity solutions. These solutions were initiatives of the DoD (such as PKI).
  • Private sector organizations control a significant part of the critical infrastructure vulnerable to cyber threats. Many of the companies that own vital infrastructure have cybersecurity programs. They have specific expertise as well as experience in handling potential risks.
  • Through a new partnership aimed to secure vulnerable infrastructure, the Securities and Exchange Commission (SEC) has designed a framework. This framework mandates that significant cybersecurity risks, as well as incidents, are disclosed to investors. This partnership is necessary because The operators in the public sector have various strengths/advantages.
  • The United States government has motivated industry groups to label themselves as cybersecurity compliant so that consumers can make "smart choices about what they're buying."

RESEARCH STRATEGY

The research reviewed several government publications, such as articles of Pennsylvania State University, etc. The study investigated several technologies, such as IP protocols/IP infrastructure, PKI (public key infrastructure), domain name service, cybersecurity frameworks, etc. The study also examined the various stages of the internet were public-private partnership has helped the United States federal government to build capacity. Partnerships to incubate technology and transfer the same to the private sector for adoption were also investigated. Due to the time frame of some adopted technologies, two resources older than the usual 24-month credibility range are in the study. PKI was developed way back in 2011 by the Department of Defense (DoD).


Part
02
of three
Part
02

Public Private Partnerships - Case Studies Part 2

Notable partnerships between the Federal government, such as the Department of Veterans Affairs (VA) and Department of Homeland Security (DHS), and private companies (e.g., IBM Watson Health, Tamr) have led to significant improvements in building the capacity of the U.S. federal sector. Recent examples of such effective partnerships include a collaborative effort to leverage AI capabilities for genomics research to support veteran cancer therapy and a national program to drive innovation from small businesses and tech startups into national initiatives.

CASE 1: GENOMICS RESEARCH FOR CANCER THERAPY

  • In 2016, former Vice President Joe Biden announced a collaborative initiative between the U.S. Department of Veterans Affairs (VA) and IBM Watson Health on a new program to leverage IBM's artificial intelligence (AI) capabilities on genomic data to allow for VA doctors to provide enhanced treatment options to patients.
  • Through this initiative, the VA relies on its public-private partnership with Watson Health to support VA doctors in expanding and scaling access to care for a projected estimate of 10,000 American veterans with cancer.
  • As part of the collaboration, Watson Health generates a report for physicians that more easily identifies genetic data where cancer-causing mutations exist and listed treatment options for those specific mutations based on extensive literature reviews of medical literature.
  • By leveraging Watson Health's capabilities for transforming large data sets into more digestible reports, the collaboration is helping to speed up the ability for doctors to provide personalized treatment options based on complex genomics data from patients.
  • With VA providing care to 3.5 percent of the nation's cancer patients, the highest percentage of all U.S. healthcare systems, this partnership is expected to expand VA's ability to provide personalized care to more veterans, more quickly.
  • In 2018, the partnership was extended for one year to further benefit VA by reducing variability in cancer care through use of the AI technology from Watson Health and to continue to expand access to care to veterans, particularly those located in rural areas.

CASE 2: SILICON VALLEY INNOVATION PROGRAM (SVIP)

  • The Department of Homeland Security's (DHS) Science and Technology Directorate (S&T) rolled out an innovative partnership with Silicon Valley tech companies in the form of the Silicon Valley Innovation Program (SVIP) in 2015.
  • The intent of the program is to identify cutting-edge technologies being developed and used in the private sector (i.e., tech startups, small businesses) that may be used to tackle some of the most challenging issues faced by DHS (e.g., cyber security, information technology, border security).
  • In 2018, three companies' products were successfully transitioned to DHS and the U.S. Customers and Border Protection: Tamr's Global Traveler Assessment System (GTAS) to screen foreign travelers, Echodyne Corporation's Metamaterial Electronically Scanning Array (MESA) radar system, and Datarobot's automated machine learning (AML) algorithm to develop predictive models using GTAS data.
  • The transition of such products leverage DHS's ability to address homeland security issues in a faster, more accurate, and more effective manner.

RESEARCH STRATEGY

The research team defined "building capacity" as any initiative, program, or tool that strengthens an organization's ability to withstand change effectively. The ways in which the above case studies selected brought about building capacity for the VA and DHS, respectively, are outlined within their section. While partnerships referenced in the above studies fall outside the standard Wonder time frame of 24 months, the news of their results and impacts have continued on through 2018 and 2019 and therefore were deemed recent and strong examples of capacity-building public-private partnerships.
Part
03
of three
Part
03

Public Private Partnerships - Case Studies

The federal government of Australia has incubated spatial technology under the Satellite-Based Augmentation System project and has partnered with the private sector to deploy the technologies. The Australian Cyber Security Centre (ACSC) is a PPP engagement that seeks to improve awareness and mitigation of cybersecurity threats in Australia.

SATELLITE BASED AUGMENTATION SYSTEM

AUSTRALIAN CYBER SECURITY CENTRE (ACSC)

  • The ACSC is a PPP partnership between the federal government and private sector whose focus is to deliver a coordinated cybersecurity approach in the country.
  • ACSC partners gain awareness of the cybersecurity environment through sharing of timely information on threats and collaborating on solutions.
  • ACSC partners are also engaged by the government in the roll out of joint cybersecurity centers (JCSC) and the Australian Internet Security Initiative (AISI).
  • ASCI is a public-private partnership between Australian internet service providers and the ACSC purposed to protect internet users from cybersecurity threats.
  • JCSC offers ACSC partners a PPP opportunity to work with the government in the development and operation of cybersecurity centers across Australian cities.
Sources
Sources